ArubaOS-CX Switching Fundamentals
This course teaches you the advanced skills necessary to implement and operate enterprise level Aruba campus switching solutions. You will build on the skills you learned at the Associate level to configure and manage modern, open standards-based networking solutions using Aruba’s OS-CX routing and switching technologies. In this course, participants learn about ArubaOS-CX switch technologies including: securing port access with Aruba’s dynamic segmentation, redundancy technologies such as Multiple Spanning Tree Protocol (MSTP), link aggregation techniques including Link Aggregation Protocol (LACP) and switch virtualization with Aruba’s Virtual Switching Extension (VSX) and Aruba’s Virtual Switching Framework (VSF). This course is approximately 50% lecture and 50% hands-on lab exercises.
After you successfully complete this course, expect to be able to:
etEdit to manage switch configurations
he Network Analytics Engine (NAE) to implement scripting solutions to provide for proactive network management and monitoring
re and contrast VSX, VSF, and backplane stacking
in how VSX handles a split-brain scenario
ment and manage a VSX fabric
e ACLs and identify the criteria by which ACLs select traffic
gure ACLs on AOS-CX switches to select given traffic
static ACLs to interfaces to meet the needs of a particular scenario
ne an ACL configuration and determine the action taken on specific packets
y AOS-Switches in single-area and multi-area OSPF systems
rea definitions and summaries to create efficient and scalable multiple area designs
tise routes to external networks in a variety of OSPF environments
te fast, effective convergence during a variety of failover situations
irtual links as required to establish non-direct connections to the backbone
ment OSFP authentication
lish and monitor BGP sessions between your routers and ISP routers
tise an IP block to multiple ISP routers
gure a BGP router to advertise a default route in OSPF
nternet Group Management Protocol (IGMP) to optimize forwarding of multicast traffic within VLANs
ibe the differences between IGMP and IGMP snooping
nguish between PIM-DM and PIM-SM
ment PIM-DM and PIM-SM to route multicast traffic
ment Virtual Routing Forwarding (VRF) policies to contain and segregate routing information
e route maps to control routing policies
stand the use of user roles to control user access on AOS-CX switches
ment local user roles on AOS-CX switches and downloadable user roles using a ClearPass solution
ment 802.1X on AOS-CX switch ports
rate AOS-CX switches with an Aruba ClearPass solution, which might apply dynamic role settings
ment RADIUS-based MAC Authentication (MAC-Auth) on AOS-CX switch ports
gure captive portal authentication on AOS-CX switches to integrate them with an Aruba ClearPass solution
ne multiple forms of authentication on a switch port that supports one or more simultaneous users
gure dynamic segmentation on AOS-CX switches
in how technologies such as sFlow and traffic mirroring allow you to monitor network traffic
ibe how AOS-CX switches prioritize traffic based on its queue
gure AOS-CX switches to honor the appropriate QoS marks applied by other devices
gure AOS-CX switches to select traffic, apply the appropriate QoS marks, and place the traffic in the proper priority queues
ment rate limiting
stand how the Virtual Output Queuing (VOQ) feature mitigates head-of-line (HOL) blocking
gure a voice VLAN and LLDP-MED
Typical candidates for this course are IT Professionals who will deploy and manage networks based on HPE’s ArubaOS-CX switches.
Introduction to Aruba Switching
- Switches overview
- Architectures
NetEdit
- Overview
- Centralized configuration
- Switch groups/templates
- AOS-CX mobile App
Network Analytics Engine (NAE)
- Overview
- Configuration
- Core NAE feature lab
- sflow, local mirror, remote mirror
VSX
- VSF vs. VSX: access and Agg/core design
- Stacking review
- VSF and uni/multi packet forwarding
- Stack fragments / split brain
- VSX Overview: roles, control, data, management planes
- VSX components (ISL, Keepalive, VSX LAG, Active Gateway, Active-Forwarding, Link Delay)
- Split Brain scenario
- Upstream Connectively Options (ROP single VRF, SVIs with multiple VRF, VSX Lag SVIs with multiple VRFs)
- Upstream/Downstream unicast traffic flow (South-North and North-South)
- VSX Configuration: VSX and Active Gateway
- VSX firmware updates
ACLs
- Overview: types, components
- MAC ACL, Standard ACL, Extended ACL,
- Classifier-based Policies
- Configuration: wildcard bits, logging, pacl, vacl, racl
Advanced OSPF
- Review basic OSPF
- Multi area: setup and aggregation
- Area-Types Stub, Totally Stub, NSSA, Totally NSSA
- External routes
- OSPF tuning: costs, bfd, gr, auth, vrrp, virt link
BGP
- Overview: i/e bgp, as numbers
- Best path selection
- Configuration: route announcement
- Route filtering to prevent transit as
IGMP
- Overview
- Querier
- Snooping
- Unknown multicasts
Multicast Routing: PIM
- Overview
- PIM DM
802.1X Authentication
- Overview: roles, requirements, coa, accounting
- Dynamic port configuration: avp, acl, qos, VLAN
- Port-based vs. user-based: examples
- Radius service tracking, critical VLAN
MAC Authentication
- Overview: Use cases
- Radius-based MAC Auth
Dynamic Segmentation
- Leverage dynamic segmentation features
- Configure tunneled-node on AOS-CX switches
- Describe when and how to configure PAPI enhanced security, high availability, and fallback switching for tunneled-node
Quality of Service
- Overview
- VoQ (Virtual Output Queue)
- QOS: queueing, QOS marks, dot1p, dscp
- Trust levels
- QOS configuration: port, VLAN, policies
- Interaction with user roles
- Queue configuration
- Rate limiters
- LLDP-MED
Additional Routing Technologies
- VRF – Management VRF
- PBR
- MDNS
- PIM SM
Capitve Portal Authentication
- Overview of guest solutions
- Built-in web auth
- ClearPass redirect with CPPM
https://www.etc.at/seminare/ICX